clinic-service-review-analysis

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill operates as a standard client for the AI Skills service. It utilizes environment variables for authentication and communicates securely with the vendor's infrastructure at ai-skills.ai.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process external untrusted data, which constitutes an indirect prompt injection surface.
  • Ingestion points: The skill accepts clinic reviews, uploaded documents, and external web links via parameters defined in references/form-schema.json.
  • Boundary markers: The provided instructions do not specify explicit delimiters or isolation instructions for the processed content.
  • Capability inventory: The execution environment is focused on remote API calls and does not include high-risk local capabilities such as direct command execution or local file system modification.
  • Sanitization: No evidence of local input sanitization was found in the provided Python runner.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — clinic-service-review-analysis